D365FO Security Myth: Applying Company Restrictions to Just the System User Role
This article discusses a security myth in Dynamics 365 for Finance and Operations (D365FO) regarding applying company restrictions to just the system user role. The myth suggests that by restricting legal entity access only to the system user role, security can be achieved without applying these restrictions to all security roles assigned to a user. However, the article explains that this approach is not secure, as it can be easily bypassed by changing the company ID in the URL or through code. The author emphasizes the importance of applying legal entity restrictions to all security roles assigned to a user to effectively secure the D365FO environment. The article concludes by highlighting the need to understand and utilize the security model of the system rather than relying on obscurity or hiding certain features.
Article 2m
Login now to access my digest by 365.Training
Learn how my digest works
Features
- Articles, blogs, podcasts, training, and videos
- Quick read TL;DRs for each item
- Advanced filtering to prioritize what you care about
- Quick views to isolate what you are looking for right now
- Save your favorite items
- Share your favorites
- Snooze items you want to revisit when you have more time